Sha256: 5760ed363bf399192f3093d73dd47b545f6cc8a11b657c00f81217d41a9c605a
Contents?: true
Size: 1.25 KB
Versions: 8
Compression:
Stored size: 1.25 KB
Contents
require 'spec_helper' class ForgeriesController < ActionController::Base include Clearance::Controller protect_from_forgery if respond_to?(:before_action) before_action :require_login else before_filter :require_login end # This is off in test by default, but we need it for this test self.allow_forgery_protection = true def create redirect_to action: 'index' end end describe ForgeriesController do context 'signed in user' do before do Rails.application.routes.draw do resources :forgeries get '/sign_in' => 'clearance/sessions#new', as: 'sign_in' end @user = create(:user) @user.update_attribute(:remember_token, 'old-token') @request.cookies['remember_token'] = 'old-token' end after do Rails.application.reload_routes! end it 'succeeds with authentic token' do token = controller.send(:form_authenticity_token) post :create, authenticity_token: token expect(subject).to redirect_to(action: 'index') end it 'fails with invalid token' do post :create, authenticity_token: 'hax0r' expect(subject).to deny_access end it 'fails with no token' do post :create expect(subject).to deny_access end end end
Version data entries
8 entries across 8 versions & 1 rubygems